The attack chain centres on a flaw dubbed React2Shell, tracked as CVE-2025-55182, which affects certain configurations of ...

The JavaScript programming library React and certain apps created with it are vulnerable. Security updates are available for ...

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert.

近期，聚铭安全攻防实验室监测发现了一项与React Server Components相关的远程代码执行漏洞， 该漏洞已被披露，编号为 CVE-2025-55182，CVSS 评分为 10.0 。

Half of the internet-facing systems vulnerable to a fast-moving React remote code execution flaw remain unpatched, even as exploitation has exploded into more than a dozen active attack clusters ...

According to Wiz and fellow security firm Aikido, the vulnerability, tracked as CVE-2025-55182, resides in Flight, a protocol ...

North Korea-linked attackers exploit CVE-2025-55182 to deploy EtherRAT, a smart-contract-based RAT with multi-stage ...

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting ...

Bad actors that include nation-state groups to financially-motivated cybercriminals from across the globe are targeting the maximum-severity but easily exploitable React2Shell flaw, with threat ...

Automation flaw in CI/CD workflow let a bad pull request unleash worm into npm PostHog says the Shai-Hulud 2.0 npm worm ...

This week, the React flaw, a belated Windows fix, Defense Secretary Pete Hegseth's Signal group posed operational risk, more ...